Whether you are with the hordes of people stripping Tesco of their last bottle of hand sanitiser, washing your hands to the tune of ‘happy birthday’ twice or are of the train of thought that this is all a bit of hype over a mild form of the flu, the facts are Covid-19 will likely impact your life in one way or another.
Employers and companies worldwide are rapidly reviewing (and drafting in most cases) their pandemic plans to ensure that business can continue in the event that we all need to shut down and self-isolate. The vast majority of solutions to carrying on business as normal when your employees are in quarantine is to allow them to work from home.
Indeed, the basis of most pandemic plans are to permit, and even require, all employees who are able to, to carry out their normal job functions at home, or enable tasks to be swapped and prioritised during any periods of home working.
Such policies are covering all of the basics, such as ensuring all matters are electronically up to date, confirming which employees already have the capability to work from home and pooling together technical resources for the ones who aren’t already set up.
However, one thing that seems to have been forgotten in the mass hysteria of policy drafting and hand washing is the GDPR.
Whether we end up in a lockdown or preventative quarantine, if business is to continue as usual then GDPR provisions need to be followed.
If employees are to work from home, do they have secure connections to the network, or company issued equipment? If they are using personal equipment, what will happen to the personal (and sensitive business!) data that has been processed on the device once normal service resumes? Will you allow your employees to print at home? What should they do with hard copy data?
We may even find ourselves in the situation where whole families are working from home together – what safeguards do you have in place to ensure the security of personal data in an employee’s household? If an employee is working on a sensitive matter which needs discussing over the phone, what measures are in place to protect both the personal data and confidential nature of the discussion from other members of their household?
Unfortunately, a pandemic isn’t one of the exceptions for compliance under the GDPR. In a time where funds will inevitably be constrained in businesses while the country works through the implications of vast amounts of employees potentially being unable to work at full capacity, in addition to the knock on effect Covid-19 is having on the rest of the world, it is more important than ever to minimise the risks of falling foul of the significant fines that can be imposed under the GDPR.
If you require any assistance with your GDPR compliance or would like to discuss compliance during home working then please get in touch with Ellie Leatherday on Ellie.Leatherday@LuptonFawcett.law or any of our specialist Data Law team who would be happy to assist. If you are an employer and are worried about the impact of Covid-19 and what you can and cannot do in relation to your employees in the workplace, then please contact one of our award winning employment team who are on hand to help.
Please note this information is provided by way of example and may not be complete and is certainly not intended to constitute legal advice. You should take bespoke advice for your circumstances.